• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: [Fed-Talk] Two different PIV certificates on CAC?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] Two different PIV certificates on CAC?

  • Subject: Re: [Fed-Talk] Two different PIV certificates on CAC?
  • From: "Miller, Timothy J." <email@hidden>
  • Date: Tue, 11 Sep 2018 17:07:41 +0000
  • Thread-topic: [Fed-Talk] Two different PIV certificates on CAC?
http://www.cac.mil/Common-Access-Card/Developer-Resources/

-- T

On 9/11/18, 11:33 AM, "Fed-talk on behalf of Ken Hornstein"
<fed-talk-bounces+tmiller=email@hidden on behalf of
email@hidden> wrote:

    >Remember there are two card edges (i.e., data models)--CAC and PIV--and
    >each exposes a slightly different view of the key containers on the
    >card.  This is an artifact of the fact that the CAC predates the PIV
    >specification by a fair number of years.
    >[...]

    Thanks for that information!  That explains a lot!  But this is a segue into
    something that has always frustrated me ... where is all of this information
    located?

    I've viewed the various DoD CAC web pages, and it seems like this sort of
    information isn't there; it's all either high level, or white papers about
    software that I would never use.  The "useful" information comes from
    either asides like this one on mailing lists, or rumors.  Most of the time
    I just find out things by accident; it's like, "Hey, did you guys know that
    they issued a new Root CA certificate a few weeks ago?".  I mean, clearly
    this information is being distributed SOMEHOW, I'm not just not in the
    loop and I'd like to be.

    >(And yes, I'll try to get some time to compile and test the module
    >again. :)

    It actually works with Firefox now, at least for me.  I need to do some
    internal cleanup and I'd like to make it so it will expose CA certificates
    that are located in the Keychain, so you don't need to add certificates to
    Firefox and other applications (CACKey has the certificiates it exposes
    compiled into it and that doesn't seem so robust to me).  Hopefully the
first
    "real" beta release will be an actual installable package.

    --Ken
     _______________________________________________
    Do not post admin requests to the list. They will be ignored.
    Fed-talk mailing list      (email@hidden)
    Help/Unsubscribe/Update your Subscription:

    This email sent to email@hidden



 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: [Fed-Talk] Two different PIV certificates on CAC?
      • From: Ken Hornstein <email@hidden>
References: 
 >[Fed-Talk] Two different PIV certificates on CAC? (From: Ken Hornstein <email@hidden>)
 >Re: [Fed-Talk] Two different PIV certificates on CAC? (From: "Miller, Timothy J." <email@hidden>)
 >Re: [Fed-Talk] Two different PIV certificates on CAC? (From: Ken Hornstein <email@hidden>)

  • Prev by Date: Re: [Fed-Talk] Two different PIV certificates on CAC?
  • Next by Date: Re: [Fed-Talk] Two different PIV certificates on CAC?
  • Previous by thread: Re: [Fed-Talk] Two different PIV certificates on CAC?
  • Next by thread: Re: [Fed-Talk] Two different PIV certificates on CAC?
  • Index(es):
    • Date
    • Thread